domenico/openwrt_NSS_ACW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: enable conntrack counter updates for iptables xt_FLOWOFFLOAD

Browse Source 
Ensures that packet/byte counters in /proc/net/nf_conntrack are updated

Signed-off-by: Felix Fietkau <nbd@nbd.name>
This commit is contained in:
Felix Fietkau
2023-03-23 21:44:10 +01:00
parent 808014c007
commit f84c94060f
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
View File

@@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o
--- /dev/null --- /dev/null
+++ b/net/netfilter/xt_FLOWOFFLOAD.c +++ b/net/netfilter/xt_FLOWOFFLOAD.c
@@ -0,0 +1,697 @@ @@ -0,0 +1,698 @@
+/* +/*
+ * Copyright (C) 2018-2021 Felix Fietkau <nbd@nbd.name> + * Copyright (C) 2018-2021 Felix Fietkau <nbd@nbd.name>
+ * + *
@@ -752,6 +752,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+{ +{
+ INIT_DELAYED_WORK(&tbl->work, xt_flowoffload_hook_work); + INIT_DELAYED_WORK(&tbl->work, xt_flowoffload_hook_work);
+ tbl->ft.type = &flowtable_inet; + tbl->ft.type = &flowtable_inet;
+ tbl->ft.flags = NF_FLOWTABLE_COUNTER;
+ +
+ return nf_flow_table_init(&tbl->ft); + return nf_flow_table_init(&tbl->ft);
+} +}
@@ -770,7 +771,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+ if (ret) + if (ret)
+ goto cleanup; + goto cleanup;
+ +
+ flowtable[1].ft.flags = NF_FLOWTABLE_HW_OFFLOAD; + flowtable[1].ft.flags |= NF_FLOWTABLE_HW_OFFLOAD;
+ +
+ ret = xt_register_target(&offload_tg_reg); + ret = xt_register_target(&offload_tg_reg);
+ if (ret) + if (ret)